What is a Cyber Attack?
A data breach happens when personal information is accessed or disclosed without authorisation or is lost.
If the Privacy Act 1988 covers your organisation or agency, you must notify affected individuals and us when a data breach involving personal information is likely to result in serious harm.
A cyber attack is an assault launched by cyber criminals using one or more computers against one or more computers or networks. A cyber attack can maliciously affect computers, steal data, or use a breached computer as a starting point for other attacks. Cyber criminals use different methods to launch a cyber attack, including ransomware, malware, phishing and denial of service.
Yardtech Secure Website Management provides comprehensive website security solutions to protect your website from malicious attacks and data breaches. Our services include website monitoring, malware scanning, and vulnerability assessment to ensure your website is secure and compliant with industry standards.
You can scan your Website for security breaches at any time. However, cleaning a hacked Website without professional help can be difficult for non-technical users.
What does a cyber attack look like to you, the user?
Actions on recognising a cyber attack
Immediate actions
- Observe what it is that you see on the screen – take a photo of the whole screen
- If your device: Unplug the device – power and network. (Or do you leave it on and monitor?)
- If on-premise solution: Segregate the IT (unplug the network) to stop the proliferation
- If software: Do not move or click any buttons (log off?)
- Note what you are doing – visiting a website, looking at email, opening an attachment
- Tell surrounding colleagues and report it to your supervisor
- Don’t contact the perpetrator – they do not yet know about you
- Don’t share any personal data or information
- Report it to IT support or contact us.
- Manage your unfolding crisis; we can offer assistance if needed
Secondary actions
- Don’t pay the ransom
- Continue not to share information
- Change your password/s if you use the same password across platforms
- Update your security questions, recovery questions, and restricted information
- Contact relevant authorities, bank staff, taxation, government officials, social media companies
- Items may be cancelled, so order new credit cards, bank cards, domain, email accounts, social media accounts, passport, phone number, etc.
- Discuss the event with your IT support, and their next actions
- Assess the damage and identify the extent of the attack
- Prepare secondary means or devices for use and access to your information, e.g. if your PC is infected use your phone for email
- Remediate your IT, run scans, restore from backups, rebuild IT
- Update your team and affected stakeholders
Tertiary actions
- Investigate the how and why of the attack
- Put in place remediation steps and stronger defences
- Consider improved security – complex passwords, multifactor authentication
- Document: detail the how, why, where and when
- Report to Police or Government officials
- Consider cybersecurity insurance
- Notify the OAIC if you need to comply with mandatory reporting of a notifiable data breach after a cyberattack
- Undertake further education
- Improve your responses with IT support and third-party providers
- Revise your cybersecurity plan and responses
To mitigate a cyber attack
- Consider alternative device use (laptop, smartphone, personal computer, Cloud services, etc.) – don’t put all your eggs in one basket
- Consider a range of preventative measures – complex passwords, antivirus software, mail scanning, two-factor authentication, a layered defence
- Implement a backup to allow remediation after an attack, and keep software authorisation codes separate so they are available for a restore
- Consider multiple means to access your data or accounts, e.g. phone banking, web-based bank access
- Implement a range of layered passwords and access strategies rated at:
  - Simple (non-sensitive, not important, e.g. an online book reader)
  - Medium (personal data but not financial, e.g. social media account)
  - Complex (online purchases that contain credit card information, e.g. Amazon)
  - Highly complex (financial data and significant personal data, e.g. smartwatch)
  - Ultimate (close personal significant finances and data that often involve two-factor authentication – banking, taxation office, share trading, etc.)
- Keep yourself private – don’t become the target
- There is a relationship between security and cost – free can be insecure; pay to be secure. Ease of use can also indicate lesser security (Facebook, Gmail, LinkedIn, etc.)
- Manage your exposure – update software, apply patches, update devices, regularly review accounts, apply the direction from your authorities
- Set up a relationship to consult or work with a security professional or IT support
- Be naturally suspicious of people or activities that you do not know or trust.
Passwords
To mitigate data spills and breaches and other cyber security incidents, the ACSC advises the following:
- require all users to periodically reset passwords to reduce the ongoing risk of credential compromises
- consider increasing password length and complexity requirements to mitigate the risk of brute-force attacks being successful
- implement a lockout for multiple failed login attempts
- if credentials have been compromised, reset passwords as soon as possible
- discourage users from reusing the same password across critical services such as banking and social media sites, or sharing passwords for a critical service with a non-critical service
- recommend the use of passphrases that are not based on simple dictionary words or a combination of personal information: this reduces the risk of password guessing and simple brute-forcing
- advise users to ensure new passwords do not follow a recognisable pattern: this reduces the risk of intelligent brute-forcing based on previously stolen credentials
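The length, dictionary-word, personal-information and recognisable-pattern points above can be enforced at password-change time. The following is an added example, not ACSC or Yardtech code. The minimum length, similarity threshold, word list and personal-information tokens are assumptions constructed for illustration.

```python
import re
from difflib import SequenceMatcher

MIN_LENGTH = 14          # assumed policy value; the page gives no number
SIMILARITY_LIMIT = 0.8   # assumed threshold for "recognisable pattern"
# Constructed sample list; use a full dictionary and breached-password list in practice.
COMMON_WORDS = {"password", "summer", "welcome", "dragon", "qwerty"}
DELEET = str.maketrans("01345@$", "oieasas")  # undo common character swaps


def core_word(password):
    """Drop leading/trailing digits and symbols, undo swaps, keep letters only."""
    trimmed = re.sub(r"^[^a-z]+|[^a-z]+$", "", password.lower())
    return re.sub(r"[^a-z]", "", trimmed.translate(DELEET))


def check_new_password(new, current, personal_info):
    """Return a list of policy failures; an empty list means the change is accepted.

    `current` is the password the user typed to authorise the change. Only a
    hash is stored, so this is the one moment old and new can be compared.
    """
    problems = []
    lowered = new.lower()
    core = core_word(new)
    if len(new) < MIN_LENGTH:
        problems.append("too short")
    if core in COMMON_WORDS:
        problems.append("single dictionary word with decoration")
    if any(len(t) >= 3 and t.lower() in lowered for t in personal_info):
        problems.append("contains personal information")
    similar = SequenceMatcher(None, lowered, current.lower()).ratio()
    if core == core_word(current) or similar >= SIMILARITY_LIMIT:
        problems.append("follows the pattern of the current password")
    return problems


if __name__ == "__main__":
    # Constructed sample values.
    print(check_new_password("Summer2024!", "Summer2023!", ["alex", "1988"]))
    print(check_new_password("tidal-lantern-oboe-quartz", "Summer2023!", ["alex", "1988"]))
```

Because the comparison needs the current password in clear text, run it only inside the change-password request and never store or log either value.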
Software Systems
To mitigate data spills and breaches and other cyber security incidents, the ACSC advises the following:
- use multi-factor authentication for all remote access to business systems and for all users when they perform a privileged action or access an important (sensitive/high-availability) data repository
- look out for unusual account activity or suspicious logins: this may help detect when a service such as email has been compromised and needs a password reset
- encourage users to think carefully before entering credentials:
  - ask if this is normal
  - don’t enter credentials into a form loaded from a link sent in email, chat or other means open to receiving communications from an unknown party
  - even if the page looks like the service being reset, think twice
  - do not click the link; instead, browse to the website and reset the password from there
  - be aware that friends or other contacts’ accounts could be compromised and controlled by a third party to also send a link
- keep operating systems, browsers and plugins up-to-date with patches and fixes
- enable anti-virus protections to help guard against malware that steals credentials